Cadzow Knowledgebase

Normal view

Scripting: Calculate File Hashes

Windows has two easy ways to generate the hash of a file:

    certutil -hashfile c:\windows\explorer.exe

    SHA1 hash of c:\windows\explorer.exe:
    CertUtil: -hashfile command completed successfully.


    powershell get-filehash -algorithm sha1 c:\Windows\explorer.exe

    Algorithm       Hash
    ---------       ----
    SHA1            C56856EE0657A9093D6154F56F27C885C22EB347

Both are easy to parse in a command processor script.

But which is faster?

We ran a trial on 3,486 files totalling 1,633,122,384 bytes, using a Windows 10 system with an Intel Core i7-8550U 1.80GHz processor and solid state drive. The script output was not echoed to the console.

Certutil completed in 133 seconds, PowerShell took 1,368 seconds. However this test was conducted by calling each executable once per file in a loop. Despite powershell.exe being smaller than certutil.exe, it takes significantly longer to bootstrap, because “PowerShell” is not just a single executable. So calling powershell.exe in a loop is very inefficient. When using powershell get-filehash *.* (ie. with wildcards), the operation took less than 10 seconds because it was not necessary to bootstrap PowerShell each time. CertUtil does not support wildcards.

Therefore, in a script environment to hash a single file, CertUtil is faster. If hashing many files in a single session, PowerShell is faster. In a native PowerShell script, using get-filehash will be faster than spawning an instance of CertUtil.exe.

Copyright © 1996-2021 Cadzow TECH Pty. Ltd. All rights reserved.
Information and prices contained in this website may change without notice. Terms of use.

Question/comment about this page? Please email